Page 1 of 1

Filter with "&" (ampresand) in the value field.

Posted: 08 May 2022, 13:05
by toms
Hello
I have found a tiny problem - in my mantis db, there are few categories, where name contains "&" character ("f0 & f1" - an example).
Everything works fine. Everything but the link (generator) to the filter.

Generated link looks like:

website.com/search.php?project_id=99&category_id=f0%20&f1=&sticky=on&sort=last_updated&dir=DESC&hide_status=80&match_type=0

The f0[space][ampersand][space]f1 was parsed like f0[space], then name after ampresand(f1) is treated like next parameter, not a part of the name (that's why there's "=" added after it).
The correct (percent encoding ) link should be :

website.com/search.php?project_id=99&category_id=f0%20%26%20f1&sticky=on&sort=last_updated&dir=DESC&hide_status=80&match_type=0

"f0%20&f1=" vs "f0%20%26%20f1"

(or & intead %26)

Function filter_encode_field_and_value (filter_api.php) calls php urlencode() for each field values. Maybe the value(s) should be processed with htmlspecialcharacters() or similar function first ?

Tomasz Slanina

Re: Filter with "&" (ampresand) in the value field.

Posted: 13 May 2022, 08:45
by dregad
Please file an issue in our bugtracker